A vulnerability in the ClamAV antivirus toolkit may allow a remote attacker to execute arbitrary code on a vulnerable system.
Clam AntiVirus is an antivirus toolkit for Unix-like systems that is commonly integrated with mail servers for email attachment scanning. It supports a number of different file formats, including the Ultimate Packer for eXecutables (UPX).
A remote unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. The attacker-supplied code would be executed with the privileges of the running ClamAV process.
Thanks to ClamAV for reporting this vulnerability.
This document was written by Chad R Dougherty.
|Date First Published:||2006-01-16|
|Date Last Updated:||2006-01-16 21:01 UTC|